A study on usability and security features of the Android pattern lock screen. (14th March 2016)
- Record Type:
- Journal Article
- Title:
- A study on usability and security features of the Android pattern lock screen. (14th March 2016)
- Main Title:
- A study on usability and security features of the Android pattern lock screen
- Authors:
- Andriotis, Panagiotis
Oikonomou, George
Mylonas, Alexios
Tryfonas, Theo - Abstract:
- Abstract : Purpose: – The Android pattern lock screen (or graphical password) is a popular user authentication method that relies on the advantages provided by the visual representation of a password, which enhance its memorability. Graphical passwords are vulnerable to attacks (e.g. shoulder surfing); thus, the need for more complex passwords becomes apparent. This paper aims to focus on the features that constitute a usable and secure pattern and investigate the existence of heuristic and physical rules that possibly dictate the formation of a pattern. Design/methodology/approach: – The authors conducted a survey to study the users' understanding of the security and usability of the pattern lock screen. The authors developed an Android application that collects graphical passwords, by simulating user authentication in a mobile device. This avoids any potential bias that is introduced when the survey participants are not interacting with a mobile device while forming graphical passwords (e.g. in Web or hard-copy surveys). Findings: – The findings verify and enrich previous knowledge for graphical passwords, namely, that users mostly prefer usability than security. Using the survey results, the authors demonstrate how biased input impairs security by shrinking the available password space. Research limitations/implications: – The sample's demographics may affect our findings. Therefore, future work can focus on the replication of our work in a sample with differentAbstract : Purpose: – The Android pattern lock screen (or graphical password) is a popular user authentication method that relies on the advantages provided by the visual representation of a password, which enhance its memorability. Graphical passwords are vulnerable to attacks (e.g. shoulder surfing); thus, the need for more complex passwords becomes apparent. This paper aims to focus on the features that constitute a usable and secure pattern and investigate the existence of heuristic and physical rules that possibly dictate the formation of a pattern. Design/methodology/approach: – The authors conducted a survey to study the users' understanding of the security and usability of the pattern lock screen. The authors developed an Android application that collects graphical passwords, by simulating user authentication in a mobile device. This avoids any potential bias that is introduced when the survey participants are not interacting with a mobile device while forming graphical passwords (e.g. in Web or hard-copy surveys). Findings: – The findings verify and enrich previous knowledge for graphical passwords, namely, that users mostly prefer usability than security. Using the survey results, the authors demonstrate how biased input impairs security by shrinking the available password space. Research limitations/implications: – The sample's demographics may affect our findings. Therefore, future work can focus on the replication of our work in a sample with different demographics. Originality/value: – The authors define metrics that measure the usability of a pattern (handedness, directionality and symmetry) and investigate their impact to its formation. The authors propose a security assessment scheme using features in a pattern (e.g. the existence of knight moves or overlapping nodes) to evaluate its security strengths. … (more)
- Is Part Of:
- Information and computer security. Volume 24:Number 1(2016)
- Journal:
- Information and computer security
- Issue:
- Volume 24:Number 1(2016)
- Issue Display:
- Volume 24, Issue 1 (2016)
- Year:
- 2016
- Volume:
- 24
- Issue:
- 1
- Issue Sort Value:
- 2016-0024-0001-0000
- Page Start:
- 53
- Page End:
- 72
- Publication Date:
- 2016-03-14
- Subjects:
- Vulnerability -- Authentication -- User -- Pattern -- Graphical password
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47 - Journal URLs:
- http://www.emeraldinsight.com/loi/ics ↗
http://www.emeraldinsight.com/ ↗ - DOI:
- 10.1108/ICS-01-2015-0001 ↗
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 8133.xml